> I'd like to know the programming aspects of a firewall in Unix. How is it
> possible to filter all the packets coming from TCP or going to TCP? I can make
> changes in my TCP software which will not be fair. I can write a pushable
> module which has to be loaded on top of TCP by all the applications when they
> open TCP. Can anyone give me an idea about that?
> Thanks in advance.

I don't think that there is a single "Unix" solution. Unix is more of a
concept and a sort-of-standard set of interfaces more than anything.
As for our Unix at DG, if you get the commercial 4.12 B2/E4 option, you are
able to specify that connections for a specific service from specific
IP addresses be routed through a filter coming in and/or going out, among
other things. This is transparent to the applications. However, this
is certainly not standard Unix. Other Unixes have firewall products
which run on them that should allow this type of action.
Jon F. Spencer spencerj @
Data General Corp. Phone : (919)248-6246
62 T.W. Alexander Dr, MS #119 FAX : (919)248-6108
Research Triangle Park, NC 27709 Office RTP 121/9
Reality is an illusion - perception is what counts.
No success can compensate for failure in the home.
President David O. McKay
***** UCC 1-207 ********